Problems with the node secret can result in authentication or node verification errors. Refresh the node secret when:

The node secret on the authentication agent is lost, for example, when you restore the original system image on a hardware appliance or you reinstall the agent.

The authentication agent record is deleted or re-added.

The node secret is deleted from one end of the connection but not the other, for example, the node secret is deleted from the RSA Authentication Manager appliance but not from an associated authentication agent.

You do not need to refresh the node secret when you change the authentication agent name or IP address.

Before you begin

On Windows 2008, Windows Vista, and Windows 7 or later, with the User Account Control feature enabled, the agent_nsload utility must be run from an elevated command prompt if the node secret is being stored at the default location, drive:\%windir%\system32.

The sdconf.rec file must be present in the destination folder on the authentication agent machine.

From the RSA Authentication ManagerExtras ZIP file, copy agent_nsload from the rsa-ace_nsload directory to the machine on which the agent is installed. Use the utility version that is specific to your platform.

From a command line on the machine on which the agent is installed, type:

agent_nsload -f path -p password

where:

path is the directory location and name of the node secret file.

password is the password used to protect the node secret file.

You can also enter the password when prompted.

For example, to extract the node secret to the default location, using the agent_nsload utility, type:

On UNIX:

agent_nsload -f /default_dir/nodesecret.rec

On Windows:

agent_nsload -f C:\default_path\ nodesecret.rec

To extract the node secret to a user-defined location, using the agent_nsload utility, type: